You want to create a custom role that combines permissions from Compute Engine and Cloud Storage. Which approach is correct?

hard📝 Application Q9 of 15

GCP - Cloud IAM Advanced

ACreate a custom role with only Compute Engine permissions and rely on default storage permissions.

BCreate two separate custom roles and assign both to users.

CUse a predefined role that covers both services automatically.

DList all required permissions from both services in the 'includedPermissions' field when creating the role.

Step-by-Step Solution

Solution:

Step 1: Understand custom role permission aggregation
Custom roles can include permissions from multiple services by listing them all.
Step 2: Evaluate options
List all required permissions from both services in the 'includedPermissions' field when creating the role. correctly states to list all permissions in one role. Others are less efficient or incorrect.
Final Answer:
List all required permissions from both services in the 'includedPermissions' field when creating the role. -> Option D
Quick Check:
Combine permissions in one role via includedPermissions [OK]

Quick Trick: Combine permissions from services in one custom role [OK]

Common Mistakes:

Master "Cloud IAM Advanced" in GCP

9 interactive learning modes - each teaches the same concept differently

Want More Practice?

15+ quiz questions · All difficulty levels · Free

More GCP Quizzes